Vulnerability

Bug Bounty FAQ: Top Questions, Expert Answers

Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals. Seldom does Threatpost have the...

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle (MitM)...

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Patches and workaround fixes address flaws on networking hardware running Cisco IOS XE software. Cisco Systems released a barrage of patches, Thursday, aimed at fixing...

Zerologon Patches Roll Out Beyond Microsoft

A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability. The “perfect” Windows vulnerability known as the...

Cloud Security

Security teams struggle with ransomware, cloud services

Ransomware, insecure internet-facing systems and attacks against cloud-based services are among the top threats facing industry this year, according to new and recent threat intelligence...

U.S. charges 7 alleged state-sanctioned Chinese hackers

The Department of Justice on Wednesday unsealed indictments secured between August 2019 and August 2020 of seven foreign nationals accused of a bevy of international...

G Suite flaw mitigated after disclosure, but Google Drive still vulnerable

Pictured: Google and parent company Alphabet’s corporate headquarters. Researchers recently reported finding security holes in Google’s G Suite and Google Drive offerings. (Alex Tai/SOPA Images/LightRocket...

G Suite flaw mitigated after disclosure, Google Drive still vulnerable

Pictured: Google and parent company Alphabet’s corporate headquarters. Researchers recently reported finding security holes in Google’s G Suite and Google Drive offerings. (Alex Tai/SOPA Images/LightRocket...

Phishing attack hid in Google Cloud Services

Details of a phishing attack concealed in Google Cloud Services point to a fast-growing trend that has hackers disguising malicious activities in cloud service providers....

COVID-19 accounts for most 2020 cyberattacks

The pandemic has served as a catalyst for much of the hacking increases during the first half of 2020, with weekly COVID-19-related phishing attacks growing...